Step 5: Enable Database Audit
Scenario
By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing Audit Data.
Prerequisites
The status of the agent is Running.
Enabling Database Audit
- Log in to the DBSS console.
- Click
in the upper left corner on the displayed page and select a region. - In the navigation tree on the left, choose Databases.
- Select a database audit instance from the Instance drop-down list.
- In the database list, click Enable in the Operation column of the database you want to audit.
The Audit Status of the database is Enabled. You do not need to restart the database.
Figure 1 Enabling database audit
Table 1 Parameters Parameter
Description
Database Information
Name, type, and version of a database
Character Set
Encoding character set of the database
IP Address (Domain Name)/Port
The IP address and port number of the database.
Instance
Database instance name
OS
Operating system of the database
Audit Status
Audit status of the database. The options are as follows:
- Enabled
- Disabled
Agent
- Click View Agent to check the agent information. For details, see Viewing an Agent.
- Click Add to add an agent for the database. For details, see Adding an Agent.
Operation
Operation that can be performed on a database.
- Enable: Enable database audit. For details, see Enabling Database Audit.
- Disable: Disable database audit. For details, see Disabling Database Audit.
- Delete: Delete a database added for audit. For details, see Deleting a Database.
- Upload Private Key or Update Private Key: Upload or update the SSL private key of the database server. For details, see Encrypted Audit.
Verifying Audit Results
- Run an SQL statement (for example, show databases) in the target database.
- In the navigation tree on the left, choose Data Reports.
- In the Instance drop-down list, select the instance that audits the target database.
- Click the Statements tab.
- Expand the drop-down list and select All time, Last 30 minutes, 1 hour, Today, 7 days, 30 days, or set a custom time range. Click the search box, select a filter, or enter a keyword.
- If the SQL statement is displayed in the SQL statements, the audit is successful.
- If the SQL statement is not displayed in the SQL statements, the network communication between the agent and the database audit instance is abnormal. For details, see What Do I Do If the Communication Between the Agent and Database Audit Instance Is Abnormal?
Figure 2 Viewing SQL statements
Table 2 SQL statement parameters Parameter
Description
SQL Statements
Entire SQL statement.
Client IP Address
IP address of the client where an SQL statement is executed
Database IP Address/Domain Name
IP address or the domain name of the database where an SQL statement is executed
Database User
Database user for executing an SQL statement
Name
Database name for executing an SQL statement
Risk Level
Risk level of executing an SQL statement.
- High
- Medium
- Low
- No risk
Rule
Name of the rule for executing an SQL statement.
Operation Type
Type of an SQL statement operation
Result
Response to an SQL statement
Generated
Time when an SQL statement is generated
Operation
Operations that can be performed on SQL statements
- Add to Whitelist: Add an SQL statement to the whitelist.
References
If the network communication between the agent and the database audit instance is normal but the audit still fails, rectify the fault by referring to Database Audit Is Running Properly But Generates No Audit Records.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot